| 1 |
<h2 class="subsection-title">Two-Factor Authentication</h2> |
| 2 |
|
| 3 |
<div class="totp-section"> |
| 4 |
<p class="muted mb-4">Scan this QR code with your authenticator app (Google Authenticator, Authy, etc.):</p> |
| 5 |
|
| 6 |
<div class="totp-qr"> |
| 7 |
<img src="data:image/png;base64,{{ qr_base64 }}" alt="TOTP QR Code"> |
| 8 |
</div> |
| 9 |
|
| 10 |
<details class="totp-manual"> |
| 11 |
<summary>Manual entry key</summary> |
| 12 |
<code class="totp-manual-secret">{{ secret_base32 }}</code> |
| 13 |
</details> |
| 14 |
</div> |
| 15 |
|
| 16 |
<div class="totp-section"> |
| 17 |
<h3 class="mb-2">Backup Codes</h3> |
| 18 |
<p class="muted mb-3 text-sm"> |
| 19 |
Save these codes somewhere safe. Each code can only be used once to log in if you lose access to your authenticator app. |
| 20 |
</p> |
| 21 |
<div class="backup-codes-grid"> |
| 22 |
{% for code in backup_codes %} |
| 23 |
<code>{{ code }}</code> |
| 24 |
{% endfor %} |
| 25 |
</div> |
| 26 |
</div> |
| 27 |
|
| 28 |
<div class="totp-confirm"> |
| 29 |
<p class="muted mb-3 text-sm"> |
| 30 |
Enter a code from your authenticator app to confirm setup: |
| 31 |
</p> |
| 32 |
<form hx-post="/api/users/me/totp/confirm" |
| 33 |
hx-target="#totp-section" |
| 34 |
hx-swap="innerHTML"> |
| 35 |
<div class="field-row"> |
| 36 |
<div class="form-group is-grow"> |
| 37 |
<input type="text" name="code" placeholder="000000" |
| 38 |
required autocomplete="one-time-code" inputmode="numeric" |
| 39 |
pattern="[0-9]{6}" maxlength="6"> |
| 40 |
</div> |
| 41 |
<button class="btn-primary" type="submit">Confirm</button> |
| 42 |
</div> |
| 43 |
<span id="totp-confirm-status"></span> |
| 44 |
</form> |
| 45 |
</div> |
| 46 |
|